a4fb4d42e7
verify-elf (verify_unresolved): treat PIEs as executables
2016-12-07 11:30:44 +00:00
8c1f9d589b
Move "is this ELF shared object an executable" check to a separate script
...
* configure.ac (AC_OUTPUT): Add scripts/fixup-libraries.
* rpm-4_0.spec (%files build): Add %_rpmlibdir/is_elf_so_executable.
* scripts/is_elf_so_executable: New file.
* scripts/Makefile.am (EXTRA_DIST, config_SCRIPTS): Add it.
* scripts/fixup-libraries: Rename to scripts/fixup-libraries.in,
use is_elf_so_executable.
2016-12-07 11:30:42 +00:00
a51ea574e9
scripts/fixup-libraries: fix recognition of PIEs
2016-12-07 11:30:25 +00:00
Ivan Zakharyaschev
401d9520ba
4.0.4-alt100.96
...
- verify-elf: don't confuse the initial verify_rpath() in case
of two RUNPATH/RPATHs (ALT#32826).
2016-11-30 17:50:04 +03:00
Ivan Zakharyaschev
d362bae600
verify-elf made a bit safer: pipes or command substitutions make it fail
...
1. set -o pipefail
2. don't use command substitutions inside other complex expressions; just assign to a var -- then it would make the script fail
2016-11-30 17:49:59 +03:00
Ivan Zakharyaschev
00b00565ea
verify-elf: don't call verify_rpath() under a pipe because the errors are saved in a var
...
(A pipe makes a subshell and the var is modified there.)
2016-11-30 17:48:24 +03:00
Ivan Zakharyaschev
c0f11587a5
verify-elf: don't confuse verify_rpath() in case of two RUNPATH/RPATHs (ALT#32826)
2016-11-30 17:30:49 +03:00
Ivan Zakharyaschev
91c923f251
verify-elf: tiny cleanup: unify the awk expression for RPATH extraction
...
Rewritten equivalently, like in lib.req.
2016-11-30 17:09:09 +03:00
Ivan Zakharyaschev
70369c1a8e
verify-elf: tiny cleanup: local var declaration moved to the place of use
...
The other occurence of "rpath" is in the second part of a pipe and is
local to that subshell anyway.
2016-11-30 17:08:09 +03:00
Ivan Zakharyaschev
00635cb1ac
4.0.4-alt100.95
...
- verify-elf: honor RUNPATH in addition to RPATH, too (like in lib.req).
- (unnoticeable) shell.req: generalize the shebang regexp w.r.t. other
hardcoded locations of /usr/bin/env. (No need to be too strict here:
shebang.req should catch bad locations. It's not our job.)
- %distribution: ALT Linux --> ALT (ALT#32707).
2016-11-29 15:12:34 +03:00
Ivan Zakharyaschev
3172abb8c1
%%distribution: ALT Linux --> ALT (ALT#32707) and some minor corrections of old @altlinux.ru addresses
2016-11-29 15:12:34 +03:00
Ivan Zakharyaschev
66f1a4cb8d
verify-elf: RUNPATH overrides RPATH for verify_unresolved
...
From ld.so's documentation about the search order:
Using the directories specified in the DT_RPATH dynamic section
attribute of the binary if present and DT_RUNPATH attribute does not
exist. Use of DT_RPATH is deprecated.
2016-11-29 15:11:46 +03:00
Ivan Zakharyaschev
65509e2763
verify-elf: honor RUNPATH, too (like in lib.req.in:95 and debuginfo.req.in:76)
...
in addition to RPATH
2016-11-28 22:37:18 +03:00
Ivan Zakharyaschev
e2810bda5c
added me to "Copyright (C)"
2016-11-28 22:37:13 +03:00
Ivan Zakharyaschev
d2e5d7dce7
shell.req: generalize the shebang regexp w.r.t. other locations of env
...
No need to be too strict here: shebang.req would (or should) catch bad
locations. It's not our work.
2016-05-27 16:02:37 +03:00
Ivan Zakharyaschev
ef66de16d5
shell.req: more idiomatic regexp for reading the shebang (use ?)
...
Compared with a similar regexp in Emacs sources --
http://git.altlinux.org/gears/e/emacs24.git?p=emacs24.git;a=blob;f=lisp/progmodes/sh-script.el;h=4700324d376db79e27d05e5352fff2f7e841a603;hb=HEAD#l1637
: "#![ \t]?\\([^ \t\n]*/bin/env[ \t]\\)?\\([^ \t\n]+\\)"
Conclusion: mostly identical meaning, with the exception of a more
liberal path of env in Emacs.
But ALT Sisyphus has /usr/bin/env only, so I don't see a good reason
to make the regexp more general. (If a different path is written
there, it won't work in ALT Sisyphus.)
2016-05-27 15:19:10 +03:00
Ivan Zakharyaschev
06f844cd6f
4.0.4-alt100.94
...
- shell.req: use the version of (ba|)sh from the shebang.
- find-{requires,provides}: run all scripts even for empty lists of files.
2016-05-24 23:08:16 +03:00
Ivan Zakharyaschev
f9bf39c2aa
shell.req: use the version of (ba|)sh from the shebang
2016-05-24 23:08:04 +03:00
Ivan Zakharyaschev
d13f11fe4f
find-provides: removed optimization for empty lists of files
...
The same reasons as for find-requires:
1. can be buggy in future;
2. give a chance to the methods to generate some special Provides
2016-04-07 13:58:27 +03:00
Ivan Zakharyaschev
0ebfa8f191
find-requires: removed optimization for empty lists of files
...
Reasons:
1. code clarity (and more robust w.r.t. to future changes which might
lead to bugs, as before)
2. to give all the special methods a chance to print something in the
case of an empty list, too (when needed)
2016-04-06 17:09:38 +03:00
Ivan Zakharyaschev
edf305d42c
4.0.4-alt100.93
...
- find-requires fixed for packages consisting completely of symlinks.
2016-04-06 03:30:21 +03:00
Ivan Zakharyaschev
4d23ad4702
percolate: removed loop optimization (for code clarity), result won't change
2016-04-06 03:26:17 +03:00
Ivan Zakharyaschev
95ffed16a6
find-requires: it was wrong to check "$tmpdir"/files for emptiness
...
Since there appeared a special handling for just some kind of
symlinks, "$tmpdir"/files gave only a part of "$tmpdir"/files+types --
the final list of what to analyze.
2016-04-06 03:22:49 +03:00
Ivan Zakharyaschev
e6e202e522
4.0.4-alt100.92
...
- find-requires: treat symlinks leading to some real content all way
through the same package as that content.
- find-{requires,provides}: in case of an error in it, the pipe to it
will be broken (must not change the visible behavior of rpm-build).
2016-04-05 23:26:03 +03:00
Ivan Zakharyaschev
6b43518d50
find-{requires,provides}: switched to the equivalent use of tmpdir.sh
2016-04-05 23:24:45 +03:00
Ivan Zakharyaschev
816c140ae7
find-{requires,provides}: in case of an error in it, the pipe to it will be broken (must not change the visible behavior of rpm-build)
...
We move "cat > /dev/null" to the only place where consuming the whole
input is useful for there to be no error.
This is done in preparation for a switch to the usage of tmpdir.sh.
2016-04-05 23:22:24 +03:00
Ivan Zakharyaschev
5630438416
debuginfo.req.files: ignore everything under /usr/lib/debug/.build-id/
...
The special directory structure there doesn't correspond to the
directory structure where debuginfo.req expects to find and process
*.debug files.
2016-04-05 22:57:42 +03:00
Ivan Zakharyaschev
7f43b629e2
find-requires: a TODO notice on directory symlinks vs percolation
2016-04-05 22:57:42 +03:00
Ivan Zakharyaschev
6412a7f161
find-requires: treat symlinks leading to some real content inside the same package as that content
2016-04-05 22:57:42 +03:00
Ivan Zakharyaschev
dc0def4a3b
percolate: hopefully, it will work just with /bin/sh (not to create an extra dep)
...
Conflicts:
scripts/percolate
2016-04-05 22:57:42 +03:00
Ivan Zakharyaschev
0f969acf44
percolate: register it in Makefile etc.
2016-04-05 22:57:42 +03:00
Ivan Zakharyaschev
70bf25fc08
percolate: a helper script (will be used to follow symlinks only through known files)
2016-04-05 22:57:35 +03:00
Ivan Zakharyaschev
484d6f523f
4.0.4-alt100.91
...
- brp-verify_elf: handle all rules for setting LD_PRELOAD in the form
of pairs of RPM_LD_PRELOAD_@ and RPM_FILES_TO_LD_PRELOAD_@ env vars.
- verify-elf: substitute LD_PRELOAD with "$VERIFY_ELF_LD_PRELOAD"
before ldd (i.e., any prior value of LD_PRELOAD will be cleared!)
- examples of usage of the above facilities:
rpm-build-python3-0.1.9.3 and rpm-build-python.
2016-03-31 21:23:29 +03:00
Ivan Zakharyaschev
c024ff3ce7
brp-verify_elf: set -o pipefail -- just in case
2016-03-31 21:23:29 +03:00
Ivan Zakharyaschev
e124ef0b4c
brp-verify_elf: handle all rules for setting LD_PRELOAD in the form of pairs of RPM_LD_PRELOAD_@ and RPM_FILES_TO_LD_PRELOAD_@ env vars
2016-03-31 21:23:29 +03:00
Ivan Zakharyaschev
9d2611ea44
verify-elf: substitute LD_PRELOAD before ldd (with what is passed on stdin after \t)
...
Of course, this will clean any externally set LD_PRELOAD.
2016-03-31 21:23:22 +03:00
a0380cbc27
4.0.4-alt100.90
...
- lib.req: made "no symbol bindings" condition fatal.
- relative: fixed potential heap buffer overflow (by Gleb F-Malinovskiy).
- rpmrc.in: armv7: do not force FPU kind, rely on compiler defaults
(by Sergey Bolshakov).
2016-03-10 16:27:08 +00:00
Gleb Fotengauer-Malinovskiy
03302d4963
relative.c: fix potential heap buffer overflow
2016-03-10 19:22:33 +03:00
b78cc75d12
lib.req: make "no symbol bindings" condition fatal
2016-03-10 15:30:27 +00:00
Sergey Bolshakov
00c4f63a1d
rpmrc.in: armv7: do not force FPU kind, rely on compiler defaults
2016-03-10 15:04:32 +00:00
3899fb125e
4.0.4-alt100.89.1
...
- ldd: reverted recent change (closes : #31870 ).
2016-03-10 16:14:33 +00:00
864001eba2
Revert "ldd.in: pass --list to rtld"
...
ld.so --list option is incompatible with LD_TRACE_LOADED_OBJECTS.
This reverts commit da9e6dfaab
.
2016-03-10 16:10:54 +00:00
f4c77cad3e
4.0.4-alt100.89
...
- brp-bytecompile_python: exclude paths listed
in $RPM_PYTHON3_COMPILE_INCLUDE (ALT#28606).
- ldd: pass --list to rtld.
2016-03-09 15:23:58 +00:00
42eacfcc82
brp-bytecompile_python: exclude paths listed in $RPM_PYTHON3_COMPILE_INCLUDE (ALT#28606)
...
$RPM_PYTHON3_COMPILE_INCLUDE is usually a subset of
$RPM_PYTHON_COMPILE_INCLUDE, so add the former to the exclude list.
2016-03-09 15:02:22 +00:00
da9e6dfaab
ldd.in: pass --list to rtld
2016-01-11 18:19:19 +00:00
Gleb Fotengauer-Malinovskiy
0f9a4a36ae
4.0.4-alt100.88
...
- compress_files: changed default method to xz.
2015-12-02 21:51:48 +03:00
Gleb Fotengauer-Malinovskiy
ae81f541b9
compress_files: change default method to xz
2015-12-02 21:46:44 +03:00
010eb422d8
4.0.4-alt100.87
...
- rpm-build: removed texinfo from requirements.
2015-11-30 18:52:16 +00:00
Gleb Fotengauer-Malinovskiy
ab529f8498
4.0.4-alt100.86
...
- Made rpm2cpio exit code accurate for large packages.
2015-11-18 20:53:31 +03:00
Gleb Fotengauer-Malinovskiy
91210177c1
Make rpm2cpio exit code accurate for large packages
...
Grab the uncompressed payload size from header and compare number of
bytes copied to that for exit code. Previously, truncated payloads could
have returned with success. This also fixes the exit code for large
payloads.
2015-11-18 20:52:46 +03:00